Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Critical RealPlayer hole patched

Critical RealPlayer hole patched

by Nikola Strahija on June 27th, 2005 RealNetworks has issued four patches for security holes in its RealPlayer software, some of which could allow an attacker to run unauthorised code on your computer.


The most serious of the bugs, which affects RealPlayers on Windows, Macintosh and Linux, takes advantage of a bug in the RealText file format that is used in SMIL (Synchronized Multimedia Integration Language) files, according to Michael Sutton, director of iDefense's labs. -This is something that somebody could be vulnerable to without really taking much action. They could double click on a file, or go to a URL that somebody sent them in an mail.’

The other RealPlayer flaws could be triggered by malicious code inserted into MP3, AVI or RM (real media) files, and affect only the Windows version of RealPlayer, according to an advisory issued by RealNetworks.
Version 3 of the Rhapsody player for RealNetworks's online music service is also affected by one of the vulnerabilities.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »